online.gtefinancial.org Open in urlscan Pro
45.60.243.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://online.gtefinancial.org/
Effective URL:
https://online.gtefinancial.org/
Submission: On August 07 via manual (August 7th 2024, 6:34:55 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 45.60.243.41, located in United States and belongs to INCAPSULA, US. The main domain is online.gtefinancial.org. The Cisco Umbrella rank of the primary domain is 956197.
TLS certificate: Issued by DigiCert EV RSA CA G2 on August 7th 2023. Valid for: a year.

This is the only time online.gtefinancial.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	45.60.243.41 45.60.243.41	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	24.227.90.144 24.227.90.144	398847 (GTE-FINAN...) (GTE-FINANCIAL01)
3	104.19.229.21 104.19.229.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.230.21 104.19.230.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
15	6

7 45.60.243.41 (United States)

ASN19551 (INCAPSULA, US)

online.gtefinancial.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 24.227.90.144 (Tampa, United States)

ASN398847 (GTE-FINANCIAL01, US)
PTR: syn-024-227-090-144.biz.spectrum.com

cdn.gtefinancial.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.229.21 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.230.21 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gtefinancial.org online.gtefinancial.org — Cisco Umbrella Rank: 956197 cdn.gtefinancial.org	106 KB
5	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 11084 newassets.hcaptcha.com — Cisco Umbrella Rank: 8953	112 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
15	4

	Domain	Requested by
7	online.gtefinancial.org	online.gtefinancial.org
4	newassets.hcaptcha.com	js.hcaptcha.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js.hcaptcha.com	online.gtefinancial.org
1	cdn.gtefinancial.org	online.gtefinancial.org
1	fonts.googleapis.com	online.gtefinancial.org
15	6

This site contains no links.

Subject Issuer	Validity	Valid
online.gtefinancial.org DigiCert EV RSA CA G2	`2023-08-07` - `2024-09-06`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gtefinancial.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-15` - `2025-08-13`	a year	crt.sh
hcaptcha.com WE1	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://online.gtefinancial.org/
Frame ID: DCE24E9AB8DDB89B8207EA388DBA4851
Requests: 6 HTTP requests in this frame

Frame: https://online.gtefinancial.org/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-120675046-0%200NNN%20RT%281723012489958%2024%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2811%2c1646894%2c0%29%20U18&incident_id=184000050236623589-606235986757157198&edet=12&cinfo=0b000000&rpinfo=0&cts=98eEVUVoBZ4PJLraCfi7FIkMwvJX143wEYihUSWrhuoX9pRPM%2b2E%2bp1DFgTCyLnC&mth=GET
Frame ID: 52DE99F7E7F22CF31AC249B9F8DA7A8A
Requests: 7 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/f763cc8/static/hcaptcha.html
Frame ID: 59D23848610EE9709582BBEBCFF65A05
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/f763cc8/static/hcaptcha.html
Frame ID: F0C2FC24335C297A9D7B1250218FAEC6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://online.gtefinancial.org/ HTTP 307
https://online.gtefinancial.org/ Page URL

Detected technologies

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

267 kB
Transfer

780 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://online.gtefinancial.org/ HTTP 307
https://online.gtefinancial.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
online.gtefinancial.org/
Redirect Chain

http://online.gtefinancial.org/
https://online.gtefinancial.org/

1019 B
1 KB

74ms
25ms

Document
text/html

45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://online.gtefinancial.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 42bd0c88722d5ecd4ed1fffd69d958b991880816ee49603a9a0a5227851ff7d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: close
Content-Length: 1019
Content-Type: text/html
X-Iinfo: 14-120675046-0 0NNN RT(1723012489958 24) q(0 -1 -1 1) r(0 -1) B12(11,1646894,0) U18

Redirect headers

Location: https://online.gtefinancial.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK _Incapsula_Resource Show response
online.gtefinancial.org/ 72 KB
17 KB 163ms
96ms Script
application/javascript 45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://online.gtefinancial.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: online.gtefinancial.org
URL: https://online.gtefinancial.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1d9b519ff11de59535015242ce633ae05c1df8cfa07a9e9ccd53999b4d6b026d

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 17518
Content-Type: application/javascript

GET
H/1.1 200
OK sile-Where-of-Life-vplights-like-it-spitance-of- Show response
online.gtefinancial.org/ 238 KB
78 KB 162ms
96ms Script
text/javascript 45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://online.gtefinancial.org/sile-Where-of-Life-vplights-like-it-spitance-of-
Requested by: Host: online.gtefinancial.org
URL: https://online.gtefinancial.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: a28d7aadec80dd8f6809605484a88e0bef5a8e608de6aa1b31d7f14378fc58e2

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 06:34:49 GMT
content-encoding: gzip
server: bon
X-CDN: Imperva
content-type: text/javascript
access-control-allow-origin: *
X-Iinfo: 2-4069749-4069751 NNNN CT(2 4 0) RT(1723012490050 62) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=300
server-timing: bon, total;dur=14.644758000000001
keep-alive: timeout=60
content-length: 78931

GET
H/1.1 200
OK _Incapsula_Resource
online.gtefinancial.org/ 1 B
123 B 23ms
23ms Image
text/plain 45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.gtefinancial.org/_Incapsula_Resource?SWKMTFSR=1&e=0.7095946060406337
Requested by: Host: online.gtefinancial.org
URL: https://online.gtefinancial.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK _Incapsula_Resource Show response
online.gtefinancial.org/ Frame 52DE 6 KB
2 KB 27ms
26ms Document
text/html 45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://online.gtefinancial.org/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-120675046-0%200NNN%20RT%281723012489958%2024%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2811%2c1646894%2c0%29%20U18&incident_id=184000050236623589-606235986757157198&edet=12&cinfo=0b000000&rpinfo=0&cts=98eEVUVoBZ4PJLraCfi7FIkMwvJX143wEYihUSWrhuoX9pRPM%2b2E%2bp1DFgTCyLnC&mth=GET
Requested by: Host: online.gtefinancial.org
URL: https://online.gtefinancial.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9ac62bf717fd5a0eec71b0acb4c2b24c9e1ee5c6b4c2ea73e60398efdcc24c58

Request headers

Referer: https://online.gtefinancial.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 2104
Content-Type: text/html
X-Robots-Tag: noindex

GET
H2 200 css2
fonts.googleapis.com/ Frame 52DE 9 KB
1 KB 160ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap

Requested by

Host: online.gtefinancial.org
URL: https://online.gtefinancial.org/_Incapsula_Resource?SWUDNSAI=31&xinfo=14-120675046-0%200NNN%20RT%281723012489958%2024%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2811%2c1646894%2c0%29%20U18&incident_id=184000050236623589-606235986757157198&edet=12&cinfo=0b000000&rpinfo=0&cts=98eEVUVoBZ4PJLraCfi7FIkMwvJX143wEYihUSWrhuoX9pRPM%2b2E%2bp1DFgTCyLnC&mth=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0957562a422079f3d8a5ac2effa333232af9e280e9ab3b73ad2f35655938ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 06:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 05:15:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 06:34:50 GMT

GET
H/1.1 200
OK logo.png
cdn.gtefinancial.org/onlinebanking/images/ Frame 52DE 4 KB
5 KB 951ms
134ms Image
image/png 24.227.90.144
GTE-FINANCIAL01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gtefinancial.org/onlinebanking/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

24.227.90.144 Tampa, United States, ASN398847 (GTE-FINANCIAL01, US),

Reverse DNS

syn-024-227-090-144.biz.spectrum.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f3352762857620fdb01694b31bab80265aa108d7481190bd93445c56a18b0b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; preload

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 07 Aug 2024 06:34:51 GMT
Strict-Transport-Security: max-age=16070400; preload
Last-Modified: Thu, 03 Sep 2015 11:34:07 GMT
Server: Microsoft-IIS/10.0
ETag: "9b2085713ce6d01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4402

GET
H3 200 api.js Show response
js.hcaptcha.com/1/ Frame 52DE 380 KB
108 KB 162ms
38ms Script
application/javascript 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14d80870469b66850f16cff106337d602b1e4de8f0de71f49ab2de513af97f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 06:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110484
server: cloudflare
etag: "72170ad9b85a3caee9f8c20d7d856ce6"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 8af53e43acf337ca-FRA

GET
H3 200 hcaptcha.html
newassets.hcaptcha.com/captcha/v1/f763cc8/static/ Frame 59D2 0
0 163ms
36ms Document
text/html 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/f763cc8/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.gtefinancial.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8af53e480e1e929b-FRA
content-encoding: br
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type: text/html
date: Wed, 07 Aug 2024 06:34:51 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Origin
x-content-type-options: nosniff

GET
H3 200 hcaptcha.html
newassets.hcaptcha.com/captcha/v1/f763cc8/static/ Frame F0C2 0
0 155ms
155ms Document
text/html 104.19.230.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/f763cc8/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.gtefinancial.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8af53e480e1e929b-FRA
content-encoding: br
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
content-type: text/html
date: Wed, 07 Aug 2024 06:34:51 GMT
server: cloudflare
vary: Accept-Encoding Origin
x-content-type-options: nosniff

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ Frame 52DE 47 KB
48 KB 527ms
26ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://online.gtefinancial.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 23:36:26 GMT
x-content-type-options: nosniff
age: 111505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Aug 2025 23:36:26 GMT

GET
H3 200 de.json Show response
newassets.hcaptcha.com/captcha/v1/f763cc8/static/i18n/ Frame 52DE 10 KB
4 KB 964ms
464ms XHR
application/json 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/f763cc8/static/i18n/de.json

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063d45cec65e324a6c59224cdf83a4a4f360c4bb934327d1c079d08e7924f4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 06:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
content-length: 3595
server: cloudflare
etag: "15f2add3184e9132ee5f7ae59fd78858"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=1209600
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8af53e480c484dbb-FRA
expires: Wed, 21 Aug 2024 06:34:51 GMT

GET
H3 200 de.json Show response
newassets.hcaptcha.com/captcha/v1/f763cc8/static/i18n/ Frame 52DE 10 KB
0 964ms
964ms XHR
application/json 104.19.229.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/f763cc8/static/i18n/de.json

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063d45cec65e324a6c59224cdf83a4a4f360c4bb934327d1c079d08e7924f4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 06:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3595
server: cloudflare
etag: "15f2add3184e9132ee5f7ae59fd78858"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=1209600
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8af53e480c484dbb-FRA
expires: Wed, 21 Aug 2024 06:34:51 GMT

POST
H/1.1 200
OK sile-Where-of-Life-vplights-like-it-spitance-of- Show response
online.gtefinancial.org/ 743 B
1 KB 65ms
55ms Fetch
application/json 45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://online.gtefinancial.org/sile-Where-of-Life-vplights-like-it-spitance-of-?d=online.gtefinancial.org
Requested by: Host: online.gtefinancial.org
URL: https://online.gtefinancial.org/sile-Where-of-Life-vplights-like-it-spitance-of-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: bf7aae487723ae6ec07481261c5eba581622298b34d4e23f5ed9d4a75e976e45

Request headers

Accept: application/json; charset=utf-8
Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Wed, 07 Aug 2024 06:34:50 GMT
Content-Encoding: gzip
server: bon
X-CDN: Imperva
Transfer-Encoding: chunked
content-type: application/json
access-control-allow-origin: *
X-Iinfo: 3-5919629-5919634 NNYN CT(2 10 0) RT(1723012490049 947) q(0 1 1 -1) r(1 1) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=27.266405
keep-alive: timeout=60

GET
H/1.1 200
OK favicon.ico
online.gtefinancial.org/ 906 B
1 KB 26ms
26ms Other
text/html 45.60.243.41
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://online.gtefinancial.org/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.243.41 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a7f6113403ab01a9a6ab271c2da750c32f3720f57222368c9cd252cdaffd267a

Request headers

Referer: https://online.gtefinancial.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Iinfo: 3-5919629-0 0NNN RT(1723012490049 1624) q(0 -1 -1 -1) r(0 -1) B12(11,1646894,0) U18
Cache-Control: no-cache
Connection: close
Content-Length: 906
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gtefinancial.org/	1970-01-21 07:21:59	Name: visid_incap_2627755 Value: kYNYp6smTM+E5tb/Olqg84kVs2YAAAAAQUIPAAAAAABh2frq/GPx9jVw3wkz3lDb
.gtefinancial.org/	1969-12-31 23:59:59	Name: incap_ses_184_2627755 Value: tj+VCZq01C/lCgIhErONAokVs2YAAAAALWaJY2K93dhF5SlMz3lZzQ==
.gtefinancial.org/	1969-12-31 23:59:59	Name: nlbi_2627755_2147483392 Value: 2pyCKqbUHGocs+lkb/DRCQAAAAC5e7M+Bkhvh0etB5NlyCL4
.online.gtefinancial.org/	1970-01-20 23:20:04	Name: reese84 Value: 3:5fZMnE1J9Fb+st5ADwhO3Q==:zjmRyEo5/1o4Q9elrNRfegbczovPWoixQ0OH4fwu8Lw2Y8NcdDdWgLGF/Qu9CtAMjZ6p6sQEBB4cCN40nAc/PLhcNFWUN8z8HQgv6l8NLQaefVLNaDnAHER0TT0ZtmP5BjOab7LsS79MFTg2weFHM48Hrhet9ETpm8Yg5nLwECGMWuCBkKX4t+NVe4Qm8bAFBDj5jN88FjNjLswLUFio215goBfo+GIq43UFiDf4pH07/1+hg440LFCe3ChhIl9ZbWrRc4hgK98ZjGEL6WqPIltk9QjeyH8heVwpait4kCzeJkJMp42/lfU62nmXse8/K6QbtW/eedbY5E9UD451OfbWrYGwRL0elmzZ7OUw05ER2DQW/9vCotSeElO/J7E9CXQ9AbBf714qWuLKUN61zLGGOC7dibQTfOeBF8s5QnoYT0MW9go7SbfIsHG9uDgbZeiRNXRl+/de5HRu3PEhK7MmzWUfaGi9+BeJavg+1i2uG6f38fLK0OlLHGSDTyDeDqV3zYoZ94ErnPK6+5OoAmYJX8pV7DQlpnqj5wbpxmPxe1yAFh3bDt9I1roYRmbGCblbPsyDo9lkc5ZVG2V7HA==:26ZkzKAqeUZEjd1jhb3Wi/az7vANIxqGqoZsDWrtWE4=
online.gtefinancial.org/	1970-01-20 22:36:56	Name: incap_sh_2627755 Value: ixWzZgAAAABvVbtjBgAQi6vMtQakTxaNjtOdzG0rphg7r53D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.gtefinancial.org
fonts.googleapis.com
fonts.gstatic.com
js.hcaptcha.com
newassets.hcaptcha.com
online.gtefinancial.org
104.19.229.21
104.19.230.21
24.227.90.144
2a00:1450:4001:80b::200a
2a00:1450:4001:81c::2003
45.60.243.41
063d45cec65e324a6c59224cdf83a4a4f360c4bb934327d1c079d08e7924f4a3
1d9b519ff11de59535015242ce633ae05c1df8cfa07a9e9ccd53999b4d6b026d
42bd0c88722d5ecd4ed1fffd69d958b991880816ee49603a9a0a5227851ff7d5
9ac62bf717fd5a0eec71b0acb4c2b24c9e1ee5c6b4c2ea73e60398efdcc24c58
a28d7aadec80dd8f6809605484a88e0bef5a8e608de6aa1b31d7f14378fc58e2
a7f6113403ab01a9a6ab271c2da750c32f3720f57222368c9cd252cdaffd267a
b14d80870469b66850f16cff106337d602b1e4de8f0de71f49ab2de513af97f1
bf7aae487723ae6ec07481261c5eba581622298b34d4e23f5ed9d4a75e976e45
d0957562a422079f3d8a5ac2effa333232af9e280e9ab3b73ad2f35655938ec2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f3352762857620fdb01694b31bab80265aa108d7481190bd93445c56a18b0b95

online.gtefinancial.org Open in urlscan Pro 45.60.243.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

33 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

267 kBTransfer

780 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

5 Cookies

Indicators

online.gtefinancial.org Open in urlscan Pro
45.60.243.41 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

267 kB
Transfer

780 kB
Size

5
Cookies

15 HTTP transactions
0 data transactions